Application Security in the ISO27001 Environment

Description

Application Security in the ISO27001 Environment demonstrates how to secure software applications within a best practice ISO/IEC 27001 environment, helps organisations protet critical data in line with the requirements of financial, governance and data protection regulations, and supports implementation of the PCI DSS Payment Application Security Standard.

 

Application Security in the ISO27001 Environment is written by Vinod Vasudevan, Anoop Mangla, Firosh Ummer, Sachin Shetty, Sangita Pakala and Siddharth Anbalahan. Together, the authors draw on a wealth of experience in tackling and securing applications in critical environments and make this expertise available to help anyone tackling application security in ISO27001 and PCI environments, risk management and software application development.

Secure Development Lifecycles.

Over 224 pages, they address a range of essential topics, including:

    * secure development lifecycles,

    * threat profiling,

    * security testing,

    * secure coding guidelines.

They also show how the controls from Annex A of ISO27001/ISO27002 can be used to secure individual applications, and demonstrates how to tackle this issue as part of the development and roll out of an organisation-wide Information Security Management System conforming to the Standard.